$ rpki-client -vvf rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/3D19A90810AD11ED9FFCFC56C4F9AE02.roa File: 3D19A90810AD11ED9FFCFC56C4F9AE02.roa (raw, json) Hash identifier: hqZNi8jb9PfIBZ40ivFfM9w6K9/28vEma8/dZXwTKh4= Subject key identifier: FE:DD:CE:1C:94:0A:E0:87:EB:52:08:B5:79:1F:3D:EC:80:D0:79:6E Certificate issuer: /CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD Certificate serial: 0BB1 Authority key identifier: 1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/3D19A90810AD11ED9FFCFC56C4F9AE02.roa Signing time: Tue 02 Jul 2024 19:26:50 +0000 ROA not before: Tue 02 Jul 2024 19:26:50 +0000 ROA not after: Tue 30 Sep 2025 00:00:00 +0000 asID: 134371 IP address blocks: 103.62.140.0/22 maxlen: 24 202.136.88.0/22 maxlen: 24 2400:3dc0::/32 maxlen: 32 2400:3dc0::/36 maxlen: 36 2400:3dc0::/44 maxlen: 48 2400:3dc0:10::/44 maxlen: 48 2400:3dc0:2e::/48 maxlen: 48 2400:3dc0:2f::/48 maxlen: 48 2400:3dc0:3e::/48 maxlen: 48 2400:3dc0:3f::/48 maxlen: 48 2400:3dc0:40::/44 maxlen: 48 2400:3dc0:50::/44 maxlen: 48 2400:3dc0:60::/44 maxlen: 48 2400:3dc0:100::/48 maxlen: 48 2400:3dc0:101::/48 maxlen: 48 2400:3dc0:200::/48 maxlen: 48 2400:3dc0:201::/48 maxlen: 48 2400:3dc0:300::/48 maxlen: 48 2400:3dc0:400::/48 maxlen: 48 2400:3dc0:500::/48 maxlen: 48 2400:3dc0:600::/48 maxlen: 48 2400:3dc0:700::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 18:28:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2993 (0xbb1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD Validity Not Before: Jul 2 19:26:50 2024 GMT Not After : Sep 30 00:00:00 2025 GMT Subject: CN=66845479-4e78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:6e:9e:a8:2b:d9:c8:5b:4c:e5:71:38:d8:44: a1:f9:95:90:e3:24:28:2f:ed:0a:68:a1:2e:11:ad: 92:10:5d:0a:d6:a8:aa:ef:a0:8a:4f:4a:13:79:51: 56:b0:6c:0d:7d:ab:be:1a:cc:5b:96:2d:a2:35:a6: 34:df:8f:fa:6f:82:54:26:40:4c:82:ac:b3:1b:b7: a9:f7:3e:d0:a5:98:be:bf:ac:b1:a6:74:e7:36:c2: 4f:9d:59:1a:f8:46:f0:2c:3f:ee:34:4d:f3:98:f7: 72:eb:e3:fa:3d:e5:54:24:74:42:8c:08:e3:f5:c3: c6:bd:6d:c5:65:aa:29:52:69:ec:e8:c1:82:b1:76: d9:68:04:63:29:2b:52:b2:de:55:82:48:7f:83:e0: 57:0d:69:ad:38:95:04:a8:e9:ab:98:95:a9:db:7c: 89:9d:6d:c0:3d:cc:94:aa:97:b3:0b:ba:38:cb:68: 79:ff:c1:08:62:0c:ab:08:ad:41:31:e4:ec:c1:10: 30:42:d4:f8:98:4e:06:85:17:ba:b2:d7:72:5f:87: a6:72:9f:e3:6a:5d:b8:3a:e2:47:4d:a0:4c:8e:e4: 58:d7:48:eb:4c:3e:c9:14:50:05:85:e1:81:9c:34: 3f:dd:d9:3c:39:fe:e1:d9:65:01:1c:ac:08:1d:a7: ec:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:DD:CE:1C:94:0A:E0:87:EB:52:08:B5:79:1F:3D:EC:80:D0:79:6E X509v3 Authority Key Identifier: keyid:1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/3D19A90810AD11ED9FFCFC56C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.62.140.0/22 202.136.88.0/22 IPv6: 2400:3dc0::/32 Signature Algorithm: sha256WithRSAEncryption af:4d:0c:fb:3a:c9:f0:f0:fa:53:34:d4:12:04:b4:05:eb:20: d2:a8:d9:31:8a:15:5b:fc:51:0f:7b:5b:50:13:d4:2a:96:03: ca:87:79:1e:38:11:28:a3:14:1f:e3:75:cc:c7:f8:8c:72:87: 16:7c:16:39:52:e6:a7:43:ec:fb:8d:45:fd:42:5f:04:0a:b9: 49:c7:65:1a:5f:2d:3b:73:d3:16:74:17:7c:19:0f:8a:85:fb: 73:2d:02:d2:c7:27:dd:f5:9f:18:ab:2a:16:3a:04:c2:0f:26: 7c:ed:9f:d2:22:c5:c6:cd:17:c6:82:58:34:51:f3:1c:63:fa: c3:58:86:d5:30:94:8a:94:d5:09:26:e8:d4:9c:a6:32:d5:8c: 32:31:3b:ae:bc:26:63:35:2a:20:05:2e:55:50:f7:af:93:8f: 20:f1:b1:14:e9:99:07:85:ee:e5:f2:b0:8e:b7:a0:48:2b:0d: 92:8e:47:7b:b0:29:05:96:b5:34:4b:35:32:c0:16:7e:fa:a0: 00:91:12:c2:34:15:28:ba:1b:0d:04:78:27:4c:97:4d:a3:79: 07:c5:ac:12:f3:db:70:b8:b7:5e:8e:0f:f9:b6:b0:c3:23:71: b9:7a:a6:10:bd:3d:2f:25:b4:01:cb:61:41:cc:ca:9b:d1:23: a3:2b:59:2d -----BEGIN CERTIFICATE----- MIIFhjCCBG6gAwIBAgICC7EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUQ3NUMxMTAvBgNVBAUTKDFBMUE0MEFEOTNBNEE0MzA3RUQ3MjY0RDQ3RDI1MkNB RjYyREVGRkQwHhcNMjQwNzAyMTkyNjUwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD VQQDEw02Njg0NTQ3OS00ZTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvG6eqCvZyFtM5XE42ESh+ZWQ4yQoL+0KaKEuEa2SEF0K1qiq76CKT0oTeVFW sGwNfau+Gsxbli2iNaY034/6b4JUJkBMgqyzG7ep9z7QpZi+v6yxpnTnNsJPnVka +EbwLD/uNE3zmPdy6+P6PeVUJHRCjAjj9cPGvW3FZaopUmns6MGCsXbZaARjKStS st5Vgkh/g+BXDWmtOJUEqOmrmJWp23yJnW3APcyUqpezC7o4y2h5/8EIYgyrCK1B MeTswRAwQtT4mE4GhRe6stdyX4emcp/jal24OuJHTaBMjuRY10jrTD7JFFAFheGB nDQ/3dk8Of7h2WUBHKwIHafs5wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFP7dzhyU CuCH61IItXkfPeyA0HluMB8GA1UdIwQYMBaAFBoaQK2TpKQwftcmTUfSUsr2Le/9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDc1Qy8yQkM1RkQ0MDA2 QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BEQi0xeVpOUjlKU3l2WXQ3 XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0docEFyWk9rcERCLTF5Wk5SOUpTeXZZdDdfMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MUQ3NUMvMkJDNUZENDAwNkMwMTFFQUJDNDNCNzA5QzRGOUFFMDIvM0QxOUE5MDgx MEFEMTFFRDlGRkNGQzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E JTAjMBIEAgABMAwDBAJnPowDBALKiFgwDQQCAAIwBwMFACQAPcAwDQYJKoZIhvcN AQELBQADggEBAK9NDPs6yfDw+lM01BIEtAXrINKo2TGKFVv8UQ97W1AT1CqWA8qH eR44ESijFB/jdczH+IxyhxZ8FjlS5qdD7PuNRf1CXwQKuUnHZRpfLTtz0xZ0F3wZ D4qF+3MtAtLHJ931nxirKhY6BMIPJnztn9IixcbNF8aCWDRR8xxj+sNYhtUwlIqU 1Qkm6NScpjLVjDIxO668JmM1KiAFLlVQ96+TjyDxsRTpmQeF7uXysI63oEgrDZKO R3uwKQWWtTRLNTLAFn76oACREsI0FSi6Gw0EeCdMl02jeQfFrBLz23C4t16OD/m2 sMMjcbl6phC9PS8ltAHLYUHMypvRI6MrWS0= -----END CERTIFICATE-----Generated at Fri Nov 22 19:49:57 2024 by rpki-client on console-ams.rpki-client.org